Subscribe by Email

Your email:

Most Popular Posts

Browse by Tag

Posts by Month

Westec's Office Tech Blog!

Current Articles | RSS Feed RSS Feed

Criminals Targeting SMBs with Unsecured, Vulnerable Wi-Fi Networks

Posted by Richard Schissler on Mon, May 09, 2011 @ 12:09 PM
  
  
  
  
  
Add to delicious  delicious  
  

 by Paul Mah 2011-4-28 3:15:26       computer thief

Seattle police are currently investigating a group of criminals whose modus operandi was to cruise around in a vehicle to map out surrounding wireless networks for a subsequent break-in. Also known as "wardriving," hackers essentially made use of laptops armed with long-range antennas to search for unsecured or poorly-protected wireless networks that they could exploit. Once network access was obtained, the hackers could potentially siphon off credit card account information, redirect funds via the use of fake payrolls or even access identity information for the purpose of fraud.

 

The vehicle, a black Mercedes with heavily tinted windows was impounded last year after its owner tried to use stolen gift cards at a local wine bar. When the police searched the car, they found a passenger-seat laptop mount designed to allow the driver to operate the computer, while a laptop that draws its power from the car was also found together with a range-boosting antenna. The group was believed to have been doing this for five years.

 

While unsecured wireless networks are obviously at risk, businesses using WEP (Wired Equivalent Privacy) for security are also equally vulnerable. This is because WEP has well-known flaws that allow it to be trivially defeated. To illustrate just how vulnerable the anarchic algorithm is, a 104-bit WEP key could be cracked in as little as two minutes under the right circumstances – four years ago.  Moreover, the tools to defeat WEP are widely available, and are easily exploited by criminals with only modest computer skills.

 

Modern Wi-Fi access points (AP) typically come with the more secure WPA protocol (Wi-Fi Protected Access), though WEP is often supported for the sake of backwards compatibility. As such, SMBs that misconfigure the security setting could open themselves to risk, as with businesses that opt for WEP in order to continue using older, WEP-only wireless hardware.

 

The risks could be particularly acute to SMBs. As reported by Network World, Detective Chris Hansen, a fraud investigator with the Seattle Police Department wrote in his affidavit that:

A number of area small and medium-sized businesses have been targeted in these network intrusions, which have also involved a pattern of financial and personal identifying information (such as credit card information).

As larger businesses tighten up their security with the use of WPA and more sophisticated Wi-Fi hardware, it is clear that SMBs that neglect to do so will place themselves at great risk. And security by obscurity doesn't work as long as the APs are switched on; instead, they are standing out, waiting to be hacked.

WesTec Services, Houston IT Support

WesTec Services, A Houston IT provider that offers a wide range of services including: Network Installation/Service, Telephone Systems/Service, Video Surveillance/Access Control and Office Equipment

CALL TODAY at (713) 682-4000

Tags: , , , ,

Comments

your blog is very informative.The content of your blog is very good.But if you should have given some more example to elaborate the topic ,then the blog will be the best.
Posted @ Thursday, May 26, 2011 1:37 AM by Houston Computer Network Repair
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics

Contact Us